[Development] Monitoring of upstream vulnerabilities
Thiago Macieira
thiago.macieira at intel.com
Tue Jun 19 22:50:54 CEST 2018
On Tuesday, 19 June 2018 13:15:18 PDT Jason H wrote:
> > Currently, we use https://github.com/clearlinux/cve-check-tool. This is
> > going to be replaced with CVEMAN -
> > https://github.intel.com/kcwells/cveman. Both tools consume the feed from
> > the National Vulnerability Database from the US NIST -
> > https://nvd.nist.gov/.
>
> Is that intel server publicly accessible?
The dashboard the tool produces isn't, but I also don't see why you'd want
that. It's not applicable to Qt. The only people who would want access to it
are the people who are working on the distribution and will apply the patches.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
More information about the Development
mailing list